Get a crank relearn done to see if it resolves the issues. The misfires are generally a result of the crank sensor not being synced properly.I actually bought a scanner so I could run the relearn.no change!
Root unrevoked problem. Discussion in 'Android Devices' started by Lacktaters, Nov 13, 2010. Lacktaters Lurker. Thread Starter. But I have no superpermissions. Now when I hook my phone to the computer and run the reflash_package it hangs on 'pushing hboot'. I've tried it 5 times now and still nothing.any advice? Advertisement #1.
I found something interesting though when checking the live data. It said that the crank was out of sync.knew that but it also said that the crank sensor signal is false. Im assuming that means there is no signal or the ECU has an issue reading it. It also said the ECU is in limp mode.I assume that is because of crank position sensor issue.
So im going to check the wiring at the plug and at the ECU but im not sure which pin at the ECU to check.does anyone have the Pin diagram for the LX ECU's?? I looked online but really couldnt find anything. Been pretty sick for over a week so have not had time to really look into tracking down whats going on with my car but I do have an update. I found out that the ECU I have is not the original one to my car. When I was going over the issues with the place that reflash ECU they told me that in the tech notes it was said that the actual VIN number associated with the ECU was not the VIN I gave them??? But they did the reflash and updated it to my VIN.
Which is true when I use my scan tool I see my vin and for sure this ECU has been reflashed back because I can now link with my T-1000. I'm also able to unload and load tunes which I could not do before they reflashed it.
I also thought these car would not run without the VIN matching but my car ran great on that ECU.well until I brought it back to stock. So anyway I searched the part number off the ECU and it actually came from a Hemi Jeep. Not sure if that makes any difference and if there is really much of a difference between these hemi cars and trunk when it comes to the actual build of the ECU's??? Also Im still in need of the pin diagram for these ECU's.if anyone can help with that I truly would appreciate it.
Reflash flash research framework Reflash is a proof-of-concept framework for analysing flash files. It produces a SQL database of flash VM stack trace by injecting dynamically generated instrumentation to flash files. The SQL database can later be analyzed with various tools. Main features of Reflash:.
Extract embedded flash images. Fetch and analyze the flash stack trace. Run YARA over the stack values and disassembly.
Browse the database with a GUI tool, which works like a tradtional debugger. Fake flash player version Reflash (capital 'R') refers to an overall framework, and reflash to a standalone instrumentation tool. Disclamer: Reflash is a proof-of-concept.
So no proper packaging or system-wide installation, or anything like that. It might crash and burn every now and then. If it works for you, I'm very happy for you. Please give me feedback on any problems you face, and of course please do share your success stories as well.
Reflash reflash is the actual tool for flash file manipulation. Together with the Instrument library (in directory 'instrument'), it forms an instrumentation environment much like Intel pin or Dynamorio. Reflash has the capability to insert hooks for arbitrary opcodes (in practice, not all opcodes are supported). There are three types of hooks supported by reflash:. Method entry hook for collecting method arguments. Generic opcode hook for collecting stack trace and manipulating function call arguments prior to execution.
Post opcode hook for manipulating stack values (only 'getproperty' supported in current version) In addition to inserting instrumentation, reflash can be used for disassembling and assembling any flash file. For more information, please read the.
Instrument Instrument library is responsible for analyzing and manipulating arguments sent by the instrumentation hooks. It is an standalone SWF file, but it is required to implement a specific API corresponding to the hook types described above. Instrument is configured statically prior to execution with a recompiler tool included in the distribution. Please see the directory 'instrument/instrumentpackage' for more details. Framework Framework is built around mitmproxy, the python man-in-the-middle proxy. In addition to HTTP(S) proxy, Framework collects stack trace from Instrument.
Collected stack trace is put to a SQL database for later inspection. $ sudo pip install selenium Usage The most typical usage work flow is to run Reflash as a proxy for remote machine, typically sitting inside a VM on same host machine. If this is your plan, please make sure you have the target VM guest up and running at this point. All usage is done from command line, in the directory 'framework'.
So please 'cd' back there, in case you ever went away. All the tools support at least command line option -h or -help for getting help. Frontend scripts runfile.sh and runlive.sh redirect command line options to proxy.py so all these scripts accept the same command line options. Only exception to this rule is that runfile.sh requires at least one argument: the actual SWF to be analyzed. Before going into typical use cases, let's first finish the installation by setting up the environment.
Setting up the evironment with unittest.swf unittest.swf (in directory 'framework') is a simple SWF file for testing out the installation. After few test rounds, it displays a message Hello Reflash! On browser screen. Configure you browser settings Now go to your flash analysis target machine (it can be also on the same machine for testing) and configure the browser proxy settings to match the following:. IP address or name: where your proxy runs.
Port: by default, mitmproxy uses 8080 The browser also needs to have flash player installed (version 9+). If you want to test on a local machine, make sure to use Chrome (flash player included by default) or install flashplayer-plugin package for firefox. Now go back to your proxy machine, again to directory 'framework'. Test unittest.swf with runfile.sh Please make sure that the interface variables in frontend scripts runfile.sh and runlive.sh match to your setup. $./runfile.sh unittest.swf If everything is set up correctly, you should see something like this in the console: dump dir: /tmp/tmp.c8JRweb6ED, database: unittest.swf.db, landing page: index.html Proxy started.
Hit ENTER to abort. Next:. Open browser on your target machine and type in any url followed by index.html for example:.
Expect to see something along these lines in the console: Advanced-Certificates. Click 'View Certificates'. Click 'Import'.
Select mitmproxy-ca-cert.cer. Choose 'Trust this CA to identify websites'. Press OK CA cert installation is not absolutely needed for Reflash, but for live sessions it is good to have. Test live connection with runfile.sh From command line, run. $./replay -f live.db Console messages Proxy started Proxy is running.
Landing page request Proxy is serving the supplied landing page in 'file' mode. Payload request Proxy is serving the supplied payload in 'file' mode. Flash content detected Proxy detected SWF in 'live' mode Reflash request Embedded SWF is sent back to proxy for instrumentation. Flash trace data Trace data received. This is the most important console message to monitor (if you want to abort the trace before timeout) because if it is missing, there is no data put to SQL database. If there is no data, message 'Nothing was logged.' Is written to console after trace termination.
Analyzing standalone files Standalone files are simple to analyze because there are no complicating factors, like javascript interaction with a live server. All the action happens in a closed circuit between Reflash proxy and the browser. This also means it limits the targets down to a simple, standalone files. Most modern Exploit Kits require some sort of interaction from a live server. Some go even so far that they cannot be correctly replayed using web replay dumps, such as. If your file is suitable for standalone analysis (most likely just a random file from VirusTotal is not), you can try out running it like unittest.swf in the above example. If you suspect the file requires arguments, you can supply them to the example index.html (see FlashVars).
You can naturally build whatever supporting interaction is required in the landing page, but that is out of scope of this document. Analyzing live web traffic For most cases like live Exploit Kits, live mode is what you want to use. Using Reflash in live mode is simple: run runlive.sh or just leave on 'live' option in monitor and make sure the timeout is long enough. When you think you captured all interesting exection (look for 'Flash trace data' messages on the console), just press 'Stop' (or ENTER when using command line tools). It should noted that all flash execution is monitored and logged in a single database during a live session. This can be observed nicely by browsing to in live mode. It loads (at least) three simple SWF files.
Advanced topics YARA Reflash has integrated support for running YARA in the context of stack values and disassembly text. YARA scan can be activated automatically after the trace using any of the command line tools with command line option -yara or with dbtool.py by directly manipulating ready-made database. See the usage of dbtool.py with -help. In the GUI tool replay, YARA rules can be loaded with Ctrl+Y (Search-Run yara). Example rules file misc.yara contains few rules detecting entities such as embedded SWF and some simple Exploit Kit shellcodes. Upstream proxy Proxy tools can be instructed to forward all requests to an upstream proxy, for example. Run Fiddler as upstream proxy for Reflash: start proxy with command line option -U proxyURL (for example -U ).
If you plan to run Fiddler on a same machine, you need to configure Fiddler as a standalone proxy. Open Tools-Fiddler Options-Connections.
Use some other port than 8080 (Reflash proxy default) or 8888 (Reflash log server default), for example 9999. Uncheck 'Act as a system proxy on startup'. Uncheck 'Monitor all connections'. Check 'Allow remote computers to connect' Automated browsing There is a rudimentary support for running automated browsing with the proxy, using. In order to activate that, please first read the Selenium documentation for setting up Selenium hub and node. In short, you need to run hub, most likely in the proxy machine (could be remote as well) and a node in target machine.
If you want to play with this, please use proxy command line options -browse and -hub or JSON settin 'hub' in 'proxyConfig' (see below). By default, proxy sets up the webdriver connection with Internet Explorer default capabilities. For tweaking the capabilities, you need to edit function runbrowser in proxy.py. Running hub on the local machine is as simple as downloading and running the jar file. $ java -jar selenium-server-standalone-3.0.1.jar -role hub Setting up Selenium node for running Internet Explorer is described. For even more automated configuration, please see the example script runvm.sh in directory 'framework'. It uses VirtualBox for running preconfigured Selenium nodes.
![Reflash Package V3 1 Exe Reflash Package V3 1 Exe](/uploads/1/2/5/3/125391962/617895328.png)
Config.json Some tools also use a JSON configuration file in addition to command line options. This can be supplied with cmdline options -c. JSON file has two sections: 'proxyConfig' for proxy tools and 'reflashConfig' for reflash. $ reflash i -input problem.swf -config config.json $ reflash d -input problem.swf.reflash -dir Then try to 'grep' the hook identifier trace message 'callproperty.' For locating the exact place where the trace message is coming from and work your way from there. It might also be a good approach to start debugging problems by limiting Reflash features. For example, for making sure the proxy framework works in general, try first running the session with 'noflash' flag (-x in command line tools).
Next level of intrusiveness could be running reflash with non-matching/bogus 'opcodeHooks' in config.json. Next, start adding hooks one by one, first 'methodentry', followed by 'callpropvoid' etc. If you think the logging is the problem, create Instrument.swf without logging ( recompile -T). Note that most Exploit Kit flash files refuse to run under debug flash player.
Licence GPL v3 or later.